Reputation: 1
Connecting Azure Container Registry resource across tenants to push ACR Images
Hello Support Community,
I am getting the error listed below while pushing ACR from one tenant to another. Please advise ! Thanks !
-- Deployment YAML:
# Push build to PME ACR using Managed Identity
- stage: ACR_Push_PME
displayName: "[PME] ACR Push"
dependsOn: Build
condition: succeeded()
pool:
name: tpre-buildpool
image: tpre-release-image-linux
os: linux
jobs:
- template: Microsoft.OneVet.API.OVDF/Pipelines/acr-pme-ev2-template.yaml@self
parameters:
JobName: ACRPushPME
JobDisplayName: "ACR Push Job PME"
Environment: "TPRE_DEV"
ACR Template referenced in deployment yaml
#use managed identity
ACR: "pmedevacr"
UseManagedIdentity: true # Enable managed identity for ACR authentication
# Login to ACR using Managed Identity or Service Connection based on the parameter
- ${{ if eq(parameters.UseManagedIdentity, true) }}:
- script: |
az login --identity # Log in using Managed Identity
az account set --subscription ${{ parameters.SubscriptionId }} # Set the correct subscription
az acr login --name ${{ parameters.ACR }} # Login to ACR without the --subscription argument
displayName: "Login to ACR using Managed Identity"
WARNING: Unable to get AAD authorization tokens with message: 2024-10-05 19:02:19.608041 An error occurred: CONNECTIVITY_REFRESH_TOKEN_ERROR Access to registry 'pmedevacr.azurecr.io' was denied. Response code: 401. Please try running 'az login' again to refresh permissions. WARNING: Unable to get admin user credentials with message: The resource with name 'pmedevacr' and type 'Microsoft.ContainerRegistry/registries' could not be found in subscription 'CFAR CPS DEV (3c6eede2-a8a9-4fd2-8a2e-314b4af6a3a8)'. **ERROR: Unable to authenticate using AAD or admin login credentials. Please specify both username and password in non-interactive mode. /mnt/vss/_work/_temp/08c3d2d4-74bd-4aa9-abc1-2fbe652a9260.sh: line 4: displayName:: command not found **
checked support wikis
Expected output: successful connectivity between ACR's from source to target tenant
Upvotes: 0
Views: 67
Answers (0)
Related Questions
- I can't make Kubernetes in AKS to pull the images from a private docker registry in Azure
- Azure Container Registry need to be Admin user enabled to let be consumed in Container App Environment
- How can I docker commit azure container instance to azure container registry
- How can I use a SystemAssigned identity when pulling an image from Azure Container Registry into Azure Container Instances?
- Naming policies for Azure Container Registries (ACR) artefacts
- Azure Kubernetes cannot pull a image from ACR container
- az acr build authentication for private docker registry with base images
- GitHub Action Repository Secrets & how to secure client_payload repo dispatch event Azure Container Registry
- Not able to container images from ACR to Minikube vm